The Importance of Notebook drive Encryption
PeterWallace
I just finished reading some alarming stats from a study on Laptop Encryption that I took a part in.
720 IT Security professionals and 874 Business managers from US based organizations were polled about their use of laptop encryption. The study showed 82% of the IT Security Professionals and 58% of Business Managers have employer provided encryption solutions on their laptops. But the study went on to ask other questions and this one was alarming, have you ever disengaged your laptop’s encryption software? 56% of the business managers and 25% of the It Security professionals answered yes often not taking precautions to protect their data!
Why is laptop encryption important you ask?
According to a data breach clearing house, more than 32% of data breaches were the result of a lost or stolen laptop. If you compare this to the fact that only 14% of data breaches were the result of a hacking event, you begin to see where the real problem lies with regards to data security, it is outside the firewall. Desktop sales have slumped dramatically, in favor of notebook computers as well as the newer and smaller netbooks, as a result laptop and mobile device theft and loss related data breaches are expected to sky rocket this year.
What can we do for Laptop Encryption? Start using something!
Microsoft has provided ways to do this starting with Windows XP Pro (sorry Windows XP home does not have this) using the EFS (Encrypting File System) to store files on your hard drive. You can only encrypt files on volumes that are formatted with the NTFS file system as volumes that use the FAT file system will not encrypt and will error. Windows Vista and Windows 7 Ultimate and enterprise operating systems included Bit Locker Drive Encryption which is a full disk encryption. Bit Locker Drive Encryption is a logical volume encryption system. A volume may or may not be an entire drive, and can span one or more physical drives. Encrypting File System may be used in conjunction with Bit Locker to provide protection once the operating system kernel is running. Protection of the files from processes/users within the operating system can only be performed using encryption software that operates within Windows, such as Encrypting File System. Bit Locker and Encrypting File System therefore offer protection against different classes of attacks.
Users of other systems will need to look into 3rd party solutions. There are many out there from open source like truecrypt ( www.truecrypt.org ) to fully paid versions like PGP Whole Disk Encryption ( www.pgp.com ).
92% of the IT Security Professionals report that someone in their organization has had a laptop lost or stolen and 71% report that it resulted in a data breach. Only 45% report that the organization was able to prove the contents were encrypted! What are you waiting for?
Lost USB Drives or Smart Phones? Wait that’s another day and another set of Encryption.
